DETAILED ACTION
Response to Amendment 

1. Claims 1, 5, 7-12, 14-15 are pending. Claims 6, 13 are canceled. Independent 
Claims are 1, 8. 

EXAMINER'S AMENDMENT 

2. An examiner's amendment to the record appears below. Should the changes 
and/or additions be unacceptable to applicant, an amendment may be filed as provided 
by 37 CFR 1.312. To ensure consideration of such an amendment, it MUST be 
submitted no later than the payment of the issue fee. 

Authorization for this examiner's amendment was given in a telephone interview 
with Dave Devine, Reg. No. 51,275, (509) 324-9256 ext. 233 on 1/5/2006. 

3. The application has been amended as follows: 
In Claims: 

Claim 1 (Currently Amended), A computer-readable medium having computer- 
executable instructions for operating a policy agent of a network for performing steps 
comprising: 

detecting a network connection from a client computer on the network;

composing a challenge for authenticating a user of the client computer
associated with said network connection, the challenge being encrypted with a 
private key of the policy agent; 

transmitting the challenge to the client computer; 

receiving a response from the client computer; 

decrypting the response using a public key of the user to obtain a first 
message digest value; 

receiving network data in a form of packets, through the network 
connection with the client computer; 

calculating a second message digest value based on the challenge and a 
pre-selected number of packets of the received network data; 

comparing the first and second message digest values to determine 
whether a match is found; 

if a match is found, then forwarding the network data to their specified
recipient, else not forwarding the network data to their specified recipient. 



Claims 6 (Canceled) 



Claim 8 (Currently Amended), A method of authenticating a user using a client 
computer on a network to transmit network data through a policy agent of the network, 
comprising the steps of:

detecting by the policy agent a network connection from the client computer
for transmitting network data of the user; 

receiving by the policy agent network data in a form of packets, transmitted 
through the network connection from the client computer; 

obtaining, by the policy agent, an identity of the user and a public key of the
user;

composing, by the policy agent, a challenge encrypted with a private key of 
the policy agent; 

sending the challenge to the client computer; 

decrypting, by the client computer, the challenge; 

generating, by the client computer, a first message digest value based on 
the challenge and a pre-selected number of packets of the network data of the 
user; 

encrypting, by the client computer, the first message digest value with a 
private key of the user to create a response;

sending the response to the policy agent;

decrypting, by the policy agent, the response to obtain the first message 
digest value; 

calculating a second message digest value based on the challenge and the 
network data received through network connections from the client computer; 

comparing the first and second message digest values to determine 
whether there is a match therebetween, and



Application/Control Number: 09/436,135
Art Unit: 2143

if a match is found, then forwarding, by the policy agent, the network data 
to their specified recipient, else not forwarding the network data to their specified 
recipient. 
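
The exchange recited in Claim 8, sketched as an added example (not part of the Office action or of the application). Textbook RSA with constructed, trivially factorable demo keys stands in for the claimed private-key and public-key operations; SHA-256, the 16-byte nonce, N_PACKETS = 3, the sample packets and all function names are assumptions.

```python
import hashlib
import secrets

E = 65537
N_PACKETS = 3  # the "pre-selected number of packets" (value assumed here)

def toy_keypair(p, q):
    """Textbook RSA from two known primes: returns (n, d). Illustration only."""
    return p * q, pow(E, -1, (p - 1) * (q - 1))

# Constructed demo keys built from Mersenne primes: trivially factorable.
AGENT_N, AGENT_D = toy_keypair(2**521 - 1, 2**607 - 1)
USER_N, USER_D = toy_keypair(2**127 - 1, 2**1279 - 1)

def digest(nonce, packets):
    """Message digest over the challenge plus the first N_PACKETS packets."""
    h = hashlib.sha256(nonce)
    for pkt in packets[:N_PACKETS]:
        h.update(len(pkt).to_bytes(4, "big") + pkt)  # length-prefix each packet
    return int.from_bytes(h.digest(), "big")

def agent_challenge():
    """Policy agent: fresh nonce, 'encrypted' with the agent's private key."""
    nonce = secrets.token_bytes(16)
    return nonce, pow(int.from_bytes(nonce, "big"), AGENT_D, AGENT_N)

def client_response(challenge, sent_packets, user_d=USER_D, user_n=USER_N):
    """Client: recover the nonce with the agent's public key, digest, sign."""
    nonce = pow(challenge, E, AGENT_N).to_bytes(16, "big")
    return pow(digest(nonce, sent_packets), user_d, user_n)

def agent_should_forward(nonce, response, received_packets):
    """Policy agent: forward only if the two digest values match."""
    first = pow(response, E, USER_N)          # decrypt with user's public key
    second = digest(nonce, received_packets)  # recompute from observed traffic
    return first == second

def demo():
    pkts = [b"SYN", b"GET /report HTTP/1.1", b"Host: intranet.example"]
    nonce, chal = agent_challenge()
    resp = client_response(chal, pkts)
    ok = agent_should_forward(nonce, resp, pkts)
    seen = [pkts[0], b"GET /admin HTTP/1.1", pkts[2]]  # packet differs in transit
    altered = agent_should_forward(nonce, resp, seen)
    other_n, other_d = toy_keypair(2**89 - 1, 2**2203 - 1)  # a different user
    forged = client_response(chal, pkts, other_d, other_n)
    return ok, altered, agent_should_forward(nonce, forged, pkts)
```

demo() returns one result for the matching case, one for traffic that differs from what the user digested, and one for a response produced under a different user's key; only the first leads to forwarding.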



Claims 13 (Canceled) 



Allowable Subject Matter 



4. The following is an Examiner's statement of reasons for allowance. 

The Jain (6,311,218) prior art discloses "the usage of an authentication system utilizing
a shared secret in conjunction with encryption and decryption techniques".

The Hardjono (6,725,276) prior art discloses "the generation of a message
digest parameter which is utilized within an authentication scheme". 

The Wesinger (6,052,788) prior art discloses "the utilization of firewall 
techniques that enable network data packet filtering capabilities". 

The Goldman (5,684,951) prior art discloses "the generation of a message 
digest value containing a time stamp parameter". 

The Jain (6,311,218) and Hardjono (US 6,223,224) prior art combination
discloses: . . . the capability to utilize network data packets, to utilize a challenge and 
response mechanism, and the capability to generate a message digest (i.e. a hash) 
value ...

Neither the Jain, Hardjono, Wesinger, nor Goldman prior art discloses the
capability to generate a message digest (i.e. a hash) value specifically consisting of a 
set of network data packets and a challenge response parameter. In addition, the 
message digest value is utilized in a comparison procedure within a user authentication 
procedure in order to associate a particular user with a particular communications path 
in combination with all the elements of each independent claim as argued by the 
Applicant. 

After extensive searching and analysis of prior art in light of the Applicant's 
claimed invention, the Examiner finds that the referenced prior art does not teach or 
suggest in detail the invention's disclosure in combination with all the elements of each 
independent claim as argued by the Applicant [see Page 7, Lines 14-16 and Page 8, 
Lines 11-12 of Applicant's arguments dated October 17, 2005]. 

Applicant argues that the generation of a message digest utilizing network data 
packets and a challenge response within an authentication process is a unique and a 
novel feature. So as indicated by the above statements, Applicant's arguments have 
been considered persuasive, in light of the claim limitations as well as the enabling 
portions of the specification. 

5. The dependent claims further limit the independent claims and are considered 
allowable on the same basis as the independent claims as well as for the further 
limitations set forth. Any comments considered necessary by Applicant must be 
submitted no later than the payment of the issue fee and, to avoid processing delays, 
should preferably accompany the issue fee. Such submissions should be clearly
labeled "Comments on Statement of Reasons for Allowance." 



6. Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to Kyung H. Shin whose telephone number is (571) 272-3920.
The examiner can normally be reached on 9 am - 7 pm.

If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, David A. Wiley can be reached on (571) 272-3923. The fax phone number
for the organization where this application or proceeding is assigned is 571-273-8300. 

Information regarding the status of an application may be obtained from the 
Patent Application Information Retrieval (PAIR) system. Status information for 
published applications may be obtained from either Private PAIR or Public PAIR. 
Status information for unpublished applications is available through Private PAIR only. 
For more information about the PAIR system, see http://pair-direct.uspto.gov. Should 
you have questions on access to the Private PAIR system, contact the Electronic 
Business Center (EBC) at 866-217-9197 (toll-free). 



Conclusion 

Kyung H Shin
Patent Examiner